Ubuntu Forum Hack Exposes Email and Password Data of 1.8 Million Users

Paul Lilly

Time to change your password

If you're one of the approximately 1.8 million registered users at Canonical's UbuntuForums.org portal, then consider your login details compromised. You should have received an email from "The Canonical Sysadmins" this morning alerting you to the security breach that allowed a remote attacker to make off with your username, email address, and an encrypted copy of your password after breaking into the forum's database.

"If you have used this password and email address to authenticate at any other website, you are urged to reset the password on those accounts immediately as the attacker may be able to use the compromised personal information to access these other accounts. It is important to have a distinct password for different accounts," Canonical stated in the email.

At present, the UbuntuForums.org website is offline as Canonical investigates the security breach and works to restore things back to normal. According to Canonical, the stolen passwords were not stored in plain text, but as salted hashes. Ubuntu One, Launchpad, and other Ubuntu/Canonical services are not affected by the breach, the open-source company said.

Follow Paul on Google+ , Twitter , and Facebook

Around the web